Cisco has warned firms using its Aironet access points running Cisco IOS operating software of a security flaw that allows hackers to gain full access to wireless networks.
The vulnerability allows hackers to steal Wired Equivalent Privacy (Wep) encryption keys. The issue arises if the wireless Lan device's 'SNMP-server enable traps wlan-wep' command is enabled.
"Under these circumstances, an adversary will be able to intercept all static Wep keys," Cisco said in a statement.
If the command is switched on, which Cisco stressed is disabled by default, the access point will broadcast any network static Wep keys in cleartext to the SNMP server every time a key is changed or access points rebooted.
Affected hardware models are the Cisco Aironet 1100, 1200 and 1400 series.
Cisco has posted a workaround advising companies with deployments of these devices to disable this command, adding that any dynamically set Wep key will not be disclosed.
The networking giant said that the problem only applies to wireless Lan kit running its IOS software, so Aironet access point models running VxWorks are not affected.
Customers are advised to upgrade their IOS version to a patched system. Vulnerable IOS releases are: 12.2(8)JA, 12.2(11)JA and 12.2(11)JA1. The first fixed release is 12.2(13)JA1.
Full details of Cisco's advisory and workaround are available here.
J1043+2408 was observed for more than 10 years, and its radio light curve exhibited a periodic signal repeating in about 563 days
Success of Unity's test flight means Virgin Galactic is now close to taking its first paying tourist into space
V3 puts the pro-level football GPS tracker through its paces, and asks if it's more than a gimmick
Finding refutes many earlier studies that suggest that galaxies don't have much dark matter at the time of their birth